Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5186-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5186-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...

RHEL 7 : kernel-rt (RHSA-2021:4779)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4779 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...

Mozilla Thunderbird < 78.14

The version of Thunderbird installed on the remote Windows host is prior to 78.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-42 advisory. - Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Thunderbird 78.13. Some ...

CentOS 7 : java-1.8.0-openjdk (RHSA-2021:2845)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2845 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected...

CentOS 8 : thunderbird (CESA-2021:2883)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:2883 advisory. - Mozilla: IMAP server responses sent by a MITM prior to STARTTLS could be processed CVE-2021-29969 - Mozilla: Use-after-free in accessibility features...

MariaDB 10.3.0 < 10.3.31 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.3.31. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.3.31 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and...

Oracle Java SE 1.7.0_311 / 1.8.0_301 / 1.11.0_12 / 1.16.0_2 Multiple Vulnerabilities (July 2021 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 301, 8 Update 291, 11 Update 11, or 16 Update 1. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory: - Vulnerability in the Java SE,...

RHEL 7 : kernel (RHSA-2021:2725)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2725 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: sizet-to-int conversion...

KB5004298: Windows 8.1 and Windows Server 2012 R2 Security Update (July 2021)

The remote Windows host is missing security update 5004298. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself i...

Photon OS 3.0: Linux PHSA-2021-3.0-0229

An update of the linux package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0229. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

EulerOS Virtualization 3.0.6.6 : postgresql (EulerOS-SA-2021-1511)

According to the version of the postgresql packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. A...

Amazon Linux AMI : kernel (ALAS-2021-1480)

The version of kernel installed on the remote host is prior to 4.14.219-119.340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1480 advisory. 2024-05-23: CVE-2023-1390 was added to this advisory. A use-after-free flaw was found in kernel/trace/ringbuffer.c ...

CentOS 8 : java-11-openjdk (CESA-2019:1518)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1518 advisory. - OpenJDK: Slow conversion of BigDecimal to long Libraries, 8211936 CVE-2019-2602 - OpenJDK: Incorrect skeleton selection in RMI registry server-side...

Fedora 32 : 1:java-11-openjdk (2020-fdc79d8e5b)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

RHEL 8 : virt:rhel (RHSA-2020:4058)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4058 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...

Debian DLA-2355-1 : bind9 security update

Two issues have been found in bind9, an Internet Domain Name Server. CVE-2020-8622 Crafted responses to TSIG-signed requests could lead to an assertion failure, causing the server to exit. This could be done by malicious server operators or guessing attackers. CVE-2020-8623 An assertions failure,...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenJDK 8 vulnerabilities (USN-4453-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4453-1 advisory. Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to...

FreeBSD : FreeBSD -- Intel CPU Microcode Update (fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Spectre)

Starting with version 1.26, the devcpu-data port/package includes updates and mitigations for the following technical and security advisories depending on CPU model. Intel TSX Updates TAA CVE-2019-11135 Voltage Modulation Vulnerability CVE-2019-11139 MDCLEAR Operations CVE-2018-12126 CVE-2018-121...

FreeBSD : drm graphics drivers -- Local privilege escalation and denial of service (ecb7fdec-0b82-11ea-874d-0c9d925bbbc0)

Intel reports : As part of IPU 2019.2, INTEL-SA-00242 advises that insufficient access control may allow an authenticated user to potentially enable escalation of privilege via local access. INTEL-SA-00260 advises that insufficient access control may allow an authenticated user to potentially...

Oracle Linux 8 : thunderbird (ELSA-2019-1799)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-1799 advisory. 60.8.0-1.0.1 60.8.0-1 - Updated to 60.8.0 60.7.2-3 - Rebuild to fix rhbz1725919 - Thunderbird fails to authenticate with gmail with ssl/tls and OAuth2...

NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities: - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service...

Debian DLA-1869-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. For Debian 8 'Jessie', these problems have been...

MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.27. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory: - A stack-based buffer overflow vulnerability in the 'Serve...

EulerOS 2.0 SP3 : samba (EulerOS-SA-2019-1342)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an...

Virtuozzo 7 : java-1.7.0-openjdk / etc (VZLSA-2019-0464)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Oracle Linux 7 : libvirt (ELSA-2018-1997)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1997 advisory. - cpu: define the 'virt-ssbd' CPUID feature bit CVE-2018-3639 Tenable has extracted the preceding description block directly from the Oracle Linux security...

openSUSE Security Update : mariadb (openSUSE-2018-572)

This update for mariadb to version 10.2.15 fixes the following issues : These security issues were fixed : - CVE-2018-2767: Enforse use of SSL/TLS in embedded server library Return of BACKRONYM bsc1088681. - CVE-2018-2786: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent:...

AIX 7.1 TL 5 : spectre_meltdown (IJ03033) (Meltdown) (Spectre)

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. C Tenable Network Security, Inc. The text in the description was extracted from AIX...

Fedora 25 : kernel (2017-a3a8638a60)

The 4.12.11 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3592) (Stack Clash) (deprecated)

Description of changes: 2.6.39-400.297.4.el6uek - mm: larger stack guard gap, between vmas Hugh Dickins Orabug: 26326145 CVE-2017-1000364 This plugin has been deprecated because the recently released Oracle Linux 5 and 6, ELSA-2017-3592, does not fix any security problems relevant to already...

Windows 8.1 and Windows Server 2012 R2 April 2017 Security Updates

The remote Windows host is missing security update 4015547 or cumulative update 4015550. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0881-1)

This update for the Linux Kernel 3.12.60-5249 fixes one issue. The following security bugs were fixed : - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via an integer overflo...

Fedora 24 : 2:qemu (2017-12394e2cc7)

CVE-2016-6836: vmxnet: Information leakage in vmxnet3completepacket bz 1366370 - CVE-2016-7909: pcnet: Infinite loop in pcnetrdraaddr bz 1381196 - CVE-2016-7994: virtio-gpu: memory leak in resourcecreate2d bz 1382667 - CVE-2016-8577: 9pfs: host memory leakage in v9fsread bz 1383286 -...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2324-1)

This update fixes the following security issues : - bsc956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list - Revert x86/IO-APIC: don't create pIRQ mapping from masked RTE until kernel maintenance release goes out. - bsc956592 - xen: virtual PMU is...

CentOS 6 : kernel (CESA-2015:1623)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

OpenSSH < 7.0 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is prior to 7.0. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability exists in the kbdintnextdevice function in file auth2-chall.c that allows the circumvention of MaxAuthTries...

Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Buffer Overflow (GHOST)

The remote host is running a version of Palo Alto Networks PAN-OS equal to or prior to 5.0.15 / 6.0.8 / 6.1.2. It is, therefore, affected by a heap-based buffer overflow in the GNU C Library glibc due to improperly validating user-supplied input in the glibc functions nsshostnamedigitsdots,...

RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Oracle Linux 5 : Important: / kernel (ELSA-2008-0089)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0089 advisory. 2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 621936...

Erlang Port Mapper Daemon Detection

The remote host is running Erlang Port Mapper Daemon, which acts as a name server on all hosts involved in distributed Erlang computations. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid62351; scriptversion"1.4";...

Scientific Linux Security Update : php on SL3.x, SL4.x, SL5.x i386/x86_64

CVE-2009-2687 php: exifreaddata crash on corrupted JPEG files CVE-2009-3292 php: exif extension: Multiple missing sanity checks in EXIF file processing CVE-2009-3291 php: openssl extension: Incorrect verification of SSL certificate with NUL in name CVE-2009-3546 gd: insufficient input validation ...

SuSE 11 Security Update : Mozilla (SAT Patch Number 2239)

Mozilla NSS was updated to version 3.12.6. This fixes all currently known issues in mozilla-nss, and also implements the new TLS/SSL renegotiation handling. CVE-2009-3555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084)

Multiple Java OpenJDK security vulnerabilities has been identified and fixed : - TLS: MITM attacks via session renegotiation CVE-2009-3555. - Loader-constraint table allows arrays instead of only the b ase-classes CVE-2010-0082. - Policy/PolicyFile leak dynamic ProtectionDomains. CVE-2010-0084. -...

CentOS 5 : ghostscript (CESA-2009:0421)

Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ghostscript is a set of software that provides a PostScript interpreter, a set of C...

Slackware 12.2 / current : kernel (SSA:2009-230-01)

New Linux kernel packages are available for Slackware 12.2 and -current to address a security issue. A kernel bug discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team could allow a local user to fill memory page zero with arbitrary code and then use the kernel sendpage...

openSUSE Security Update : libxml2 (libxml2-1175)

This update of libxml2 does not use pointers after they were freed anymore. CVE-2009-2416 Additionally a stack-based buffer overflow was fixed while parsing the root XML document. CVE-2009-2414 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2008:235)

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.18 CVE-2008-5012, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5021, CVE-2008-5022, CVE-2008-5024, CVE-2008-5052. This update provides the lates...

Fedora 8 : thunderbird-2.0.0.18-1.fc8 (2008-9807)

This update update upgrades thunderbird packages to upstream version 2.0.0.18, which fixes multiple security issues detailed in upstream security advisories: http://www.mozilla.org/security/known- vulnerabilities/thunderbird20.htmlthunderbird2.0.0.17 http://www.mozilla.org/security/known-...

FreeBSD : postgresql -- multiple vulnerabilities (51436b4c-1250-11dd-bab7-0016179b2dd5)

The PostgreSQL developers report : PostgreSQL allows users to create indexes on the results of user-defined functions, known as 'expression indexes'. This provided two vulnerabilities to privilege escalation: 1 index functions were executed as the superuser and not the table owner during VACUUM a...

MikroTik RouterOS Detection

According to one of its service banners, the remote host is running MikroTik RouterOS, a specialized Linux-based operating system that allows Intel-class PCs to act as a network router or access point. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid30212;...